VIRY.CZ

Zdravim.Mam problem s karadovo pocitacem.Take mu stale vyskakuji reklamy a celkove mi prijde totalne zavirovany.Mohu vas poprosit o radu?Dekuji

Zdravim

TOhle je sekce pro OS a ne pro reseni problemu s haveti, ale nechte to tu - pak to presunu

Dejte aspon log z RSIT nebo FRST at se mame od ceho odpichnout

ok.omlpuvam se Hned to bude

Logfile of random's system information tool 1.09 (written by random/random)
Run by Andy at 2014-03-19 15:57:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 416 GB (89%) free of 465 GB
Total RAM: 3957 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:57:35, on 19.03.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe
C:\ProgramData\MovieMode\MovieMode.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Andy\AppData\Roaming\systweak\ssd\SSDPTstub.exe
C:\Users\Andy\AppData\Local\Temp\is-D4FE5.tmp\SSDPTstub.tmp
C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe
C:\Program Files (x86)\PC Cleaner\PCCleaner.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files\trend micro\Andy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... 0Q7K36B4LX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... 0Q7K36B4LX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=cm ... 222902&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll
O2 - BHO: CrossriderApp0044150 - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho.dll
O2 - BHO: CrossriderApp0051578 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\video-high\video-high-bho.dll
O2 - BHO: melondrea - {16f059cb-3d3f-4ecc-b426-bafa47233676} - C:\Program Files (x86)\melondrea\melondreaBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: V-bates Helper - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll
O2 - BHO: Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Andy\AppData\Local\SaveSense\SaveSenseIE.dll
O2 - BHO: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: windealistBHO - {B8F10001-9552-4F40-8F61-6765CD22DD9E} - C:\Program Files (x86)\windealist\Internet Explorer\windealist.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Andy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Highlightly Client Service (hlsvc) - Highlightly - C:\Program Files (x86)\Highlightly\Service\hlsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Level Quality Watcher - Unknown owner - C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Movie Mode (MovieMode) - GenTechnologies Apps, LLC - C:\ProgramData\MovieMode\MovieModeService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NewPlayer Updater Service (NewPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Re-markit - Unknown owner - C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SavingsbullFilterService64 - Unknown owner - c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update melondrea - Unknown owner - C:\Program Files (x86)\melondrea\updatemelondrea.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Updater Service for AMZN - Unknown owner - C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
O23 - Service: Util melondrea - Unknown owner - C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe
O23 - Service: V-bates Updater - Unknown owner - C:\Program Files\V-bates\ExtensionUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 17181 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginService\PluginService.exe -service
atieclxx
C:\ProgramData\WPM\wprotectmanager.exe -service
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {5A59B287-3DE5-440F-A88E-B22B5211D0A1}
"C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Highlightly\Service\hlsvc.exe"
"C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe" run options=01110010010000000000000000000000 sourceguid=F59A0002-F007-46FB-97D3-3BC5D2551041
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\ProgramData\MovieMode\MovieModeService.exe" "C:\ProgramData\MovieMode\MovieMode.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe"
"C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe"
"C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe"
C:\ProgramData\MovieMode\MovieMode.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\V-bates\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006cc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\melondrea\updatemelondrea.exe"
"C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Andy\AppData\Roaming\systweak\ssd\SSDPTstub.exe" /verysilent /hidden
"C:\Users\Andy\AppData\Local\Temp\is-D4FE5.tmp\SSDPTstub.tmp" /SL5="$30424,168299,119296,C:\Users\Andy\AppData\Roaming\systweak\ssd\SSDPTstub.exe" /verysilent /hidden
"C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe" -firstinstall
"C:\Program Files (x86)\PC Cleaner\PCCleaner.exe"
"C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.awesomehp.com/?type=sc&ts=13 ... 0Q7K36B4LX
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=45272.764ee00.1400324874 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 45272 "\\.\pipe\gecko-crash-server-pipe.45272" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --proxy-stub-channel=Flash50076.638AC768.2360 --host-broker-channel=Flash50076.638AC768.13039 --host-pid=50076 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --channel=50112.001EF3B8.1672538164 --proxy-stub-channel=Flash50076.638AC768.2360 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" --host-npapi-version=27 --type=renderer
"taskhost.exe"
taskeng.exe {B150CAC9-F64D-4E2B-BBF9-9A4981060D4C}
"C:\Program Files\V-bates\PrefHelper.exe"
"C:\Users\Andy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\APSnotifierPP1.job
C:\Windows\tasks\APSnotifierPP2.job
C:\Windows\tasks\APSnotifierPP3.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2572004753-489833056-2062872051-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2572004753-489833056-2062872051-1001UA.job
C:\Windows\tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job
C:\Windows\tasks\media enhance-chromeinstaller.job
C:\Windows\tasks\media enhance-codedownloader.job
C:\Windows\tasks\media enhance-enabler.job
C:\Windows\tasks\media enhance-firefoxinstaller.job
C:\Windows\tasks\media enhance-updater.job
C:\Windows\tasks\MySearchDial.job
C:\Windows\tasks\Re-markit Update.job
C:\Windows\tasks\Re-markit_wd.job
C:\Windows\tasks\RegClean Pro_DEFAULT.job
C:\Windows\tasks\RegClean Pro_UPDATES.job
C:\Windows\tasks\SaveSense.job
C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job
C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job
C:\Windows\tasks\SpeedUpMyPC Maintenance.job
C:\Windows\tasks\SpeedUpMyPC Startup.job
C:\Windows\tasks\UpdaterEX.job
C:\Windows\tasks\video-high-chromeinstaller.job
C:\Windows\tasks\video-high-codedownloader.job
C:\Windows\tasks\video-high-enabler.job
C:\Windows\tasks\video-high-firefoxinstaller.job
C:\Windows\tasks\video-high-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default

prefs.js - "browser.startup.homepage" - "http://start.mysearchdial.com/?f=1&a=cm ... 222902&ir="

"{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}"=C:\Program Files\V-bates\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detektor-Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3]
"Description"=SaveSenseLive Update
"Path"=C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9]
"Description"=SaveSenseLive Update
"Path"=C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
gethighlightly@gethighlightly.com

C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\extensions\
0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
amazon-icon@giga.de
EFGLQA@78ETGYN-0W7FN789T87.COM
ffxtlbr@mysearchdial.com
m4@windealist.com
quick_start@gmail.com
SavingsBull@jetpack
staged
{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE}
{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
{cfc3366e-c743-48b5-a136-642e86be865e}

C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\
amazon.xml
Ask.xml
buenosearch.xml
conduit-search.xml
iminent.xml
Mysearchdial.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411150}]
media enhance - C:\Program Files (x86)\media enhance\media enhance-bho64.dll [2014-03-15 674304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151178}]
video-high - C:\Program Files (x86)\video-high\video-high-bho64.dll [2014-03-15 674304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
V-bates - C:\Program Files\V-bates\Extension64.dll [2014-02-26 233984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]
The Amazon 1Button App for IE - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll [2013-12-15 1161536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}]
Highlightly - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll [2013-12-04 180840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-09-26 336952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
IEOptimizer - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll [2014-02-18 86800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411150}]
media enhance - C:\Program Files (x86)\media enhance\media enhance-bho.dll [2014-03-15 501760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151178}]
video-high - C:\Program Files (x86)\video-high\video-high-bho.dll [2014-03-15 501760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}]
melondrea - C:\Program Files (x86)\melondrea\melondreaBHO.dll [2014-03-05 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
V-bates - C:\Program Files\V-bates\Extension32.dll [2014-02-26 193024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]
The Amazon 1Button App for IE - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll [2013-12-15 1076032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-02-26 513136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71e129ff-6c2a-4984-818c-7e2c998b8d99}]
SaveSense - C:\Users\Andy\AppData\Local\SaveSense\SaveSenseIE.dll [2014-01-07 99336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}]
Highlightly - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll [2013-12-04 147560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8F10001-9552-4F40-8F61-6765CD22DD9E}]
WinDealist BHO - C:\Program Files (x86)\windealist\Internet Explorer\windealist.dll [2014-01-22 182296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-09-26 277560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}]
mysearchdial Helper Object - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll [2014-03-15 279960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{3004627E-F8E9-4E8B-909D-316753CBA923} - mysearchdial Toolbar - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll [2014-03-15 288664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-22 323072]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
"PLFSetI"=C:\Windows\PLFSetI.exe [2013-09-28 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Andy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-22 138096]
"PC Speed Maximizer"=C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [2013-03-09 134456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1100368]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-20 689744]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-19 15:57:28 ----D---- C:\rsit
2014-03-19 15:57:28 ----D---- C:\Program Files\trend micro
2014-03-19 15:27:01 ----D---- C:\Program Files (x86)\Amazon Browser Bar
2014-03-19 15:26:34 ----D---- C:\Program Files (x86)\Amazon
2014-03-19 15:26:04 ----D---- C:\Program Files (x86)\Advanced Disk Recovery
2014-03-19 15:25:59 ----D---- C:\Program Files (x86)\PC Cleaner
2014-03-19 15:25:54 ----D---- C:\Program Files (x86)\Systweak Support Dock
2014-03-15 14:08:03 ----D---- C:\Windows\SoftwareDistribution
2014-03-15 14:03:25 ----D---- C:\Users\Andy\AppData\Roaming\PC Speed Maximizer
2014-03-15 14:00:52 ----D---- C:\Program Files (x86)\windealist
2014-03-15 13:59:15 ----D---- C:\ProgramData\MovieMode
2014-03-15 13:58:23 ----D---- C:\ProgramData\SaveSenseLive
2014-03-15 13:58:23 ----D---- C:\Program Files (x86)\SaveSenseLive
2014-03-15 13:58:21 ----D---- C:\Users\Andy\AppData\Roaming\SaveSense
2014-03-15 13:58:18 ----D---- C:\Program Files (x86)\PC Speed Maximizer
2014-03-15 13:58:17 ----D---- C:\Users\Andy\AppData\Roaming\mysearchdial
2014-03-15 13:58:17 ----D---- C:\Program Files (x86)\Mysearchdial
2014-03-15 13:42:14 ----D---- C:\Program Files\V-bates
2014-03-15 13:41:14 ----D---- C:\Program Files (x86)\Advanced System Protector
2014-03-15 13:40:54 ----A---- C:\Windows\system32\roboot64.exe
2014-03-15 13:40:53 ----D---- C:\Users\Andy\AppData\Roaming\systweak
2014-03-15 13:40:52 ----D---- C:\Program Files (x86)\RegClean Pro
2014-03-15 13:30:25 ----D---- C:\Program Files (x86)\Uninstaller
2014-03-15 13:28:43 ----D---- C:\Program Files (x86)\NewPlayer
2014-03-15 13:28:41 ----D---- C:\Program Files (x86)\MyPC Backup
2014-03-15 13:28:14 ----D---- C:\Program Files (x86)\media enhance
2014-03-15 13:27:59 ----D---- C:\Users\Andy\AppData\Roaming\Uniblue
2014-03-15 13:27:59 ----D---- C:\Program Files (x86)\Uniblue
2014-03-15 13:27:22 ----D---- C:\ProgramData\IePluginService
2014-03-15 13:27:21 ----D---- C:\Users\Andy\AppData\Roaming\SupTab
2014-03-15 13:27:14 ----D---- C:\Program Files (x86)\SupTab
2014-03-15 13:27:10 ----D---- C:\ProgramData\WPM
2014-03-15 13:27:05 ----D---- C:\Program Files (x86)\Windows Phone
2014-03-15 13:26:50 ----D---- C:\Users\Andy\AppData\Roaming\VOPackage
2014-03-15 13:26:48 ----D---- C:\Program Files (x86)\video-high
2014-03-15 13:26:40 ----D---- C:\Users\Andy\AppData\Roaming\awesomehp
2014-03-15 13:26:23 ----D---- C:\Program Files (x86)\Re-markit-soft
2014-03-15 13:24:02 ----D---- C:\ProgramData\Applications
2014-03-13 17:18:17 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-13 17:18:17 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-13 17:18:17 ----A---- C:\Windows\system32\wer.dll
2014-03-13 17:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-13 17:18:16 ----A---- C:\Windows\system32\win32k.sys
2014-03-13 17:18:16 ----A---- C:\Windows\system32\iertutil.dll
2014-03-13 17:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-13 17:18:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-13 17:18:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 17:18:15 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 17:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-13 17:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-13 17:18:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-13 17:18:13 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-13 17:18:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-13 17:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-13 17:18:13 ----A---- C:\Windows\system32\urlmon.dll
2014-03-13 17:18:13 ----A---- C:\Windows\system32\iernonce.dll
2014-03-13 17:18:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-13 17:18:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-13 17:18:12 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-13 17:18:11 ----A---- C:\Windows\system32\iesetup.dll
2014-03-13 17:18:11 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-13 17:18:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-13 17:18:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-13 17:18:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-13 17:18:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-13 17:18:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-13 17:18:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-13 17:18:10 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-13 17:18:09 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-13 17:18:09 ----A---- C:\Windows\system32\ieui.dll
2014-03-13 17:18:09 ----A---- C:\Windows\system32\ieframe.dll
2014-03-13 17:18:08 ----A---- C:\Windows\system32\wininet.dll
2014-03-13 17:18:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-13 17:18:08 ----A---- C:\Windows\system32\jscript9.dll
2014-03-13 17:18:08 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-13 17:18:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 17:18:07 ----A---- C:\Windows\system32\msrating.dll
2014-03-13 17:18:07 ----A---- C:\Windows\system32\mshtml.dll
2014-03-13 17:16:25 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 17:16:25 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-13 17:16:25 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-13 17:16:25 ----A---- C:\Windows\system32\qedit.dll
2014-03-04 14:04:23 ----D---- C:\Program Files\SavingsBull
2014-02-26 14:02:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 14:00:53 ----D---- C:\Windows\Migration
2014-02-21 17:12:20 ----D---- C:\Program Files (x86)\SavingsBull

======List of files/folders modified in the last 1 month======

2014-03-19 15:57:35 ----D---- C:\Windows\Prefetch
2014-03-19 15:57:32 ----D---- C:\Windows\Temp
2014-03-19 15:57:28 ----RD---- C:\Program Files
2014-03-19 15:52:09 ----AD---- C:\Windows
2014-03-19 15:38:21 ----D---- C:\Windows\system32\config
2014-03-19 15:29:13 ----RD---- C:\Program Files (x86)
2014-03-19 15:27:40 ----D---- C:\Program Files (x86)\Acer GameZone
2014-03-19 15:26:43 ----D---- C:\Windows\system32\Tasks
2014-03-19 15:26:42 ----HD---- C:\ProgramData
2014-03-19 15:26:42 ----D---- C:\Windows\System32
2014-03-19 15:26:39 ----SHD---- C:\Windows\Installer
2014-03-19 15:23:49 ----D---- C:\Windows\inf
2014-03-19 15:23:48 ----D---- C:\Windows\debug
2014-03-19 15:20:20 ----SHD---- C:\System Volume Information
2014-03-19 15:19:39 ----D---- C:\Windows\SysWOW64
2014-03-19 15:19:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-19 15:17:49 ----D---- C:\Program Files (x86)\melondrea
2014-03-16 17:44:40 ----A---- C:\Windows\SYSWOW64\log.txt
2014-03-16 14:32:11 ----D---- C:\Windows\winsxs
2014-03-16 14:31:53 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-16 08:46:08 ----AD---- C:\ProgramData\Temp
2014-03-15 14:03:39 ----D---- C:\Windows\Tasks
2014-03-15 13:26:22 ----HD---- C:\Windows\system32\GroupPolicy
2014-03-15 13:26:22 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-03-14 08:19:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-14 08:18:59 ----D---- C:\Program Files\Internet Explorer
2014-03-14 08:18:52 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-14 08:18:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 17:16:21 ----D---- C:\Windows\system32\catroot2
2014-03-13 17:16:21 ----D---- C:\Windows\system32\catroot
2014-03-13 11:06:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-11 16:31:40 ----D---- C:\Windows\system32\MRT
2014-03-10 18:31:57 ----D---- C:\Windows\system32\drivers
2014-03-10 18:31:56 ----D---- C:\Windows\system32\pt-PT
2014-03-10 18:31:56 ----D---- C:\Windows\system32\pt-BR
2014-03-10 18:31:56 ----D---- C:\Windows\system32\nl-NL
2014-03-10 18:31:56 ----D---- C:\Windows\system32\it-IT
2014-03-10 18:31:56 ----D---- C:\Windows\system32\fr-FR
2014-03-10 18:31:55 ----D---- C:\Windows\system32\es-ES
2014-03-10 18:31:55 ----D---- C:\Windows\system32\en-US
2014-03-10 18:31:55 ----D---- C:\Windows\system32\drivers\UMDF
2014-03-10 18:31:55 ----D---- C:\Windows\system32\de-DE
2014-03-10 18:31:54 ----D---- C:\Windows\system32\DriverStore
2014-03-09 21:58:11 ----SD---- C:\Users\Andy\AppData\Roaming\Microsoft
2014-02-28 23:18:41 ----D---- C:\Windows\Microsoft.NET
2014-02-26 14:04:02 ----RSD---- C:\Windows\assembly
2014-02-26 14:01:07 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-26 14:00:53 ----SD---- C:\ProgramData\Microsoft
2014-02-21 21:28:48 ----D---- C:\Windows\system32\wfp
2014-02-21 21:28:43 ----D---- C:\Windows\system32\wbem
2014-02-21 21:28:07 ----D---- C:\Program Files\Windows Media Player
2014-02-21 21:28:05 ----D---- C:\Windows\system32\NDF
2014-02-21 21:28:05 ----D---- C:\Windows\system32\Macromed
2014-02-21 21:27:57 ----D---- C:\Windows\registration
2014-02-21 21:27:23 ----D---- C:\Program Files (x86)\eSobi
2014-02-21 17:11:48 ----D---- C:\temp
2014-02-20 16:53:35 ----D---- C:\Windows\Panther
2014-02-20 16:53:35 ----D---- C:\Windows\Logs
2014-02-20 16:43:45 ----A---- C:\Windows\wininit.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-20 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-26 28600]
R1 hlnfd;hlnfd; C:\Windows\system32\drivers\hlnfd.sys [2013-12-04 58256]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 netfilter64;netfilter64; C:\Windows\system32\drivers\netfilter64.sys [2013-12-17 61592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2013/09/28 03:24:31]; \??\C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-11-12 146928]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-20 108440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ozeadgfy;ozeadgfy; \??\C:\Windows\system32\drivers\ozeadgfy.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-22 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;WinUsb-Treiber; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-20 440400]
R2 AntiVirService;Avira Echtzeit-Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-20 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 hlsvc;Highlightly Client Service; C:\Program Files (x86)\Highlightly\Service\hlsvc.exe [2013-12-04 273000]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-02-26 508016]
R2 Level Quality Watcher;Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [2014-01-27 710976]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 MovieMode;Movie Mode; C:\ProgramData\MovieMode\MovieModeService.exe [2014-02-11 55440]
R2 NewPlayerUpdaterService;NewPlayer Updater Service; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [2014-03-10 11776]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Re-markit;Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe [2014-03-15 195072]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 SavingsbullFilterService64;SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [2014-01-16 167936]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
R2 Update melondrea;Update melondrea; C:\Program Files (x86)\melondrea\updatemelondrea.exe [2014-03-19 348960]
R2 Updater Service for AMZN;Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2013-03-21 222368]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 Util melondrea;Util melondrea; C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe [2014-03-19 348960]
R2 V-bates Updater;V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [2014-02-26 209408]
R2 Wpm;Wpm Service; C:\ProgramData\WPM\wprotectmanager.exe [2014-03-15 496640]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-02-18 36392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe []
S2 savesenselive;SaveSenseLive Service (savesenselive); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-03-15 146920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-19 257928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-16 118896]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 savesenselivem;SaveSenseLive Service (savesenselivem); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-03-15 146920]
S4 AntiVirWebService;Avira Browser-Schutz; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-02-20 1017424]
S4 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Smaaarja, cela zoo i s babkou pokladni

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Andy on 19.03.2014 at 23:23:27,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] backupstack
Successfully deleted: [Service] backupstack
Successfully stopped: [Service] datamngrcoordinator
Successfully deleted: [Service] datamngrcoordinator
Successfully stopped: [Service] savesenselive
Successfully deleted: [Service] savesenselive
Successfully stopped: [Service] savesenselivem
Successfully deleted: [Service] savesenselivem



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pc speed maximizer
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3004627E-F8E9-4E8B-909D-316753CBA923}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mysearchdial
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc speed maximizer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2572004753-489833056-2062872051-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialdskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialdskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\speedupmypc_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\speedupmypc_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\regclean pro_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{e55b3271-7ca8-4d0c-ae06-69a24856e996}_is1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0044150.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0044150.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0044150.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0044150.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051578.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051578.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051578.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051578.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411411150}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511151178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422412250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522152278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455415550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555155578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466416650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566156678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444414450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544154478}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411411150}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511151178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422412250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522152278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455415550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550555155578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466416650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660566156678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444414450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544154478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0044150.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0044150.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0044150.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0044150.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051578.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051578.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051578.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051578.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455415550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555155578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466416650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566156678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444414450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544154478}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411150}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455415550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550555155578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466416650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660566156678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444414450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544154478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411150}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71e129ff-6c2a-4984-818c-7e2c998b8d99}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71e129ff-6c2a-4984-818c-7e2c998b8d99}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
Successfully deleted: [File] "C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\savesenselive"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\mysearchdial"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\pc speed maximizer"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\savesense"
Failed to delete: [Folder] "C:\Users\Andy\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\local\amazon browser bar"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\local\savesense"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\local\savesenselive"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\local\searchprotect"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Andy\appdata\locallow\mysearchdial"
Failed to delete: [Folder] "C:\Program Files (x86)\advanced system protector"
Successfully deleted: [Folder] "C:\Program Files (x86)\amazon browser bar"
Successfully deleted: [Folder] "C:\Program Files (x86)\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\mysearchdial"
Failed to delete: [Folder] "C:\Program Files (x86)\pc speed maximizer"
Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\savesenselive"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"



~~~ FireFox

Successfully deleted: [File] C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\user.js
Successfully deleted: [File] C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\searchplugins\mysearchdial.xml
Successfully deleted: [Folder] C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\extensions\{cfc3366e-c743-48b5-a136-642e86be865e}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\prefs.js

user_pref("extensions.crossrider.bic", "144dabfa4f7ece6ac0555b6eb7a72e82");
user_pref("extensions.mysearchdial.AL", 2);
user_pref("extensions.mysearchdial.aflt", "cmi_14_11_ff");
user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtByCtB0DyBzytBzy0CyDtAtAyByDtN0D0Tzu0SzztDyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2S
user_pref("extensions.mysearchdial.cntry", "DE");
user_pref("extensions.mysearchdial.cr", "18222902");
user_pref("extensions.mysearchdial.dfltLng", "");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.dnsErr", true);
user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,32
user_pref("extensions.mysearchdial.dspFFXOld", "");
user_pref("extensions.mysearchdial.excTlbr", false);
user_pref("extensions.mysearchdial.hdrMd5", "35268B0A93E6CAC7CFA2922B39856211");
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_11_ff&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyBzytBzy0CyDtAtAyByDtN0D0Tzu0SzztDyDtN1L2XzutBtF
user_pref("extensions.mysearchdial.hpFFXOld", "chrome://branding/locale/browserconfig.properties");
user_pref("extensions.mysearchdial.id", "00262D7929C53375");
user_pref("extensions.mysearchdial.instlDay", "16144");
user_pref("extensions.mysearchdial.instlRef", "140305_a");
user_pref("extensions.mysearchdial.lastB", "chrome://branding/locale/browserconfig.properties");
user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.013:58:12");
user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=cmi_14_11_ff&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyBzytBzy0CyDtAtAyByDtN0D0Tzu0SzztDyDtN1L2XzutB
user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"92\",\"lastVrsn\":\"92\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\
user_pref("extensions.mysearchdial.prdct", "mysearchdial");
user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
user_pref("extensions.mysearchdial.sg", "none");
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
user_pref("extensions.mysearchdial.tlbrId", "base");
user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=cmi_14_11_ff&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyBzytBzy0CyDtAtAyByDtN0D0Tzu0SzztDyDtN1L2Xzu
user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
user_pref("extensions.mysearchdial_i.newTab", false);
user_pref("extensions.mysearchdial_i.smplGrp", "none");
user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.013:58:12");
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_www.search.ask.com", "not set");
Emptied folder: C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\zm4q99h3.default\minidumps [37 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.03.2014 at 23:31:17,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.022 - Bericht erstellt am 19/03/2014 um 23:41:18
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Andy - ANDY-PC
# Gestartet von : C:\Users\Andy\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : hlnfd
Dienst Gelöscht : hlsvc
Dienst Gelöscht : IePluginService
Dienst Gelöscht : Level Quality Watcher
Dienst Gelöscht : MovieMode
Dienst Gelöscht : Re-markit
Dienst Gelöscht : SavingsbullFilterService64
[#] Dienst Gelöscht : Updater Service for AMZN
Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\MovieMode
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\Highlightly
Ordner Gelöscht : C:\Program Files (x86)\IminentToolbar
Ordner Gelöscht : C:\Program Files (x86)\melondrea
Ordner Gelöscht : C:\Program Files (x86)\Music Toolbar
Ordner Gelöscht : C:\Program Files (x86)\NewPlayer
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\SavingsBull
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\uniblue
Ordner Gelöscht : C:\Program Files (x86)\media enhance
Ordner Gelöscht : C:\Program Files (x86)\video-high
Ordner Gelöscht : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Ordner Gelöscht : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Ordner Gelöscht : C:\Program Files\Highlightly
Ordner Gelöscht : C:\Program Files\Level Quality Watcher
Ordner Gelöscht : C:\Program Files\SavingsBull
Ordner Gelöscht : C:\Program Files\SavingsbullFilter
Ordner Gelöscht : C:\Program Files\v-bates
Ordner Gelöscht : C:\Users\Andy\AppData\Local\MovieMode
Ordner Gelöscht : C:\Users\Andy\AppData\Local\NewPlayer
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\awesomehp
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\IminentToolbar
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\uniblue
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\UpdaterEX
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Andy\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\ffxtlbr@mysearchdial.com
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\quick_start@gmail.com
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
Ordner Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Ordner Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna
Ordner Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
[!] Ordner Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\buenosearch.xml
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\Tasks\MySearchDial.job
Datei Gelöscht : C:\Windows\System32\Tasks\MySearchDial
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Datei Gelöscht : C:\Windows\Tasks\Re-markit Update.job
Datei Gelöscht : C:\Windows\System32\Tasks\Re-markit Update
Datei Gelöscht : C:\Windows\Tasks\SaveSense.job
Datei Gelöscht : C:\Windows\System32\Tasks\SaveSense
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC Startup.job
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC Startup
Datei Gelöscht : C:\Windows\Tasks\UpdaterEX.job
Datei Gelöscht : C:\Windows\System32\Tasks\UpdaterEX
Datei Gelöscht : C:\Windows\Tasks\media enhance-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\media enhance-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\media enhance-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\media enhance-codedownloader
Datei Gelöscht : C:\Windows\Tasks\media enhance-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\media enhance-enabler
Datei Gelöscht : C:\Windows\Tasks\media enhance-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\media enhance-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\media enhance-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\media enhance-updater
Datei Gelöscht : C:\Windows\Tasks\video-high-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\video-high-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\video-high-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\video-high-codedownloader
Datei Gelöscht : C:\Windows\Tasks\video-high-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\video-high-enabler
Datei Gelöscht : C:\Windows\Tasks\video-high-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\video-high-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\video-high-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\video-high-updater

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Schlüssel Gelöscht : HKCU\Software\5d57d6dab73feb44
Schlüssel Gelöscht : HKLM\SOFTWARE\5d57d6dab73feb44
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70b3bc5b-5f41-4c27-9019-0a83d25ef2c8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b205035b-75c4-4557-86ac-2f58f2db0e00}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ae04115-dbc5-4b27-8855-12e17fe15973}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eef96306-55d9-4cd6-8eab-1e4686d52d4b}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70b3bc5b-5f41-4c27-9019-0a83d25ef2c8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b205035b-75c4-4557-86ac-2f58f2db0e00}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ae04115-dbc5-4b27-8855-12e17fe15973}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eef96306-55d9-4cd6-8eab-1e4686d52d4b}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\SaveSenseLive
Schlüssel Gelöscht : HKCU\Software\SavingsBull
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Bull
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SavingsBull
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\media enhance
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video-high
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SaveSenseLive
Schlüssel Gelöscht : HKLM\Software\SavingsBullFilter
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\media enhance
Schlüssel Gelöscht : HKLM\Software\video-high
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\media enhance
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\video-high
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Savings Bull
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SavingsBull Filter
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{813BA625-B0FA-48D8-9B75-59759C88C219}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.InstallationThankYouPage", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.InstallationTime", 1394886483);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150_dbWasSet_FF25_FIX", true[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.active", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.backgroundver", 1);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallationTime.value", "%221394886483%22");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22verticals-ad[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.description", "MediaPlayerEnhance Extension");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.domain", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.homepage", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.iframe", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22AD44B58FD9DF46D8BCC9A9BAF4074[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22vertical[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22ver[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22AD44B58FD9DF46D8BCC9[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_appVer.value", "82");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_lastVersion.value", "2");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_nextCheck.expiration", "Thu Mar 20 2014 05:19:02 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.__defualt_browser__.value", "%22ff%22");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22AD44B58F[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledWithHash.value", "null");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_last_executable_request.expiration", "Thu Mar 20 2014 03:56:41 GMT+[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//vyosek.tym.cz/pro_user[...]
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.lastDailyReport", "1395267541686");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.lastUpdate", "1395267539909");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.name", "MediaPlayerEnhance");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.newtab", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.opensearch", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/44150/plugins/094/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.pluginsversion", 75);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.publisher", "Feven");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.thankyou", "");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.ver", 82);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.FilesValidatorDueTime", "1395239454884");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.apps", "44150");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.bic", "144dabfa4f7ece6ac0555b6eb7a72e82");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.cid", 44150);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.firstrun", false);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.installationdate", 1395239397);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.modetype", "production");
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.statsDailyCounter", 2);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.InstallationThankYouPage", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.InstallationTime", 1394886400);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578_dbWasSet_FF25_FIX", true[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.active", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncdb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncinternaldb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.backgroundver", 1);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.InstallationTime.value", "%221394886400%22");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001218%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.iframe-exists.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.iframe-exists.value", "true");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.cookie.jw_token.value", "%226c7b76f2-6cb4-d513-41cf-bb9a01f23e00%22");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.description", "HQ Videos is an add-on for your Internet browser that enhances your online experien[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.domain", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.homepage", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.iframe", false);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22AD44B58FD9DF46D8BCC9A9BAF4074[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001218%22%2C%22sub_id%22%3A%220%22%2C%[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001218%22%2C%22sub_id%22%3A%220%2[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22AD44B58FD9DF46D8BCC9[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_appVer.value", "30");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_lastVersion.value", "1");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_nextCheck.expiration", "Thu Mar 20 2014 05:19:04 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.__defualt_browser__.value", "%22ff%22");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22AD44B58F[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_bundledWithHash.value", "null");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.lastDailyReport", "1395267541686");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.lastUpdate", "1395267544923");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.name", "HQ-Video-Profession-1.3");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.newtab", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.opensearch", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/51578/plugins/094/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.pluginsversion", 26);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.publisher", "HQ-Video");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.thankyou", "");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.51578.ver", 30);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.FilesValidatorDueTime", "1395239454983");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.apps", "51578");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.bic", "144dabfa4f7ece6ac0555b6eb7a72e82");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.cid", 51578);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.firstrun", false);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.installationdate", 1395239397);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.modetype", "production");
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a13c471d96cbb4c089dd18dc16c66bb1fcf5065afca24464aa637af7582a82514com51578.statsDailyCounter", 2);
Zeile gelöscht : user_pref("extensions.enabledAddons", "amazon-icon%40giga.de:1.1,%7B09C79CB0-9AB0-B179-4F3E-DDB93CE109BE%7D:5.0.0.11465,gethighlightly%40gethighlightly.com:1.9.0.0,%7Bc047df5e-0fda-4055-b5db-a96a8a34a[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
Zeile gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit ... 17f6c16a_3[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"92\",\"lastVrsn\":\"92\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Zeile gelöscht : user_pref("extensions.mysearchdial.sg", "{smplGrp}");
Zeile gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_www.awesomehp.com", "not set");

-\\ Google Chrome v

[ Datei : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [55450 octets] - [19/03/2014 23:38:21]
AdwCleaner[S0].txt - [50685 octets] - [19/03/2014 23:41:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [50746 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Andy on 20.03.2014 at 8:51:45,90.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andy\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20.03.2014 08:53:54 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2572004753-489833056-2062872051-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-21-2572004753-489833056-2062872051-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.de");
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
user_pref("browser.search.defaultenginename", "Amazon ");
user_pref("browser.search.selectedEngine", "Amazon ");
user_pref("browser.search.order.1", "Amazon ");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\prefs.js:

ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__0902_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\defaults\preferences\!vitruvian-autoenable.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js deleted
C:\PROGRA~2\Mozilla Firefox\browser\defaults\preferences\!vitruvian-autoenable.js deleted
C:\PROGRA~2\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Systweak Support Dock deleted
C:\Users\Andy\ChromeExtensions deleted
C:\Users\Andy\AppData\Roaming\Systweak deleted
C:\Users\Andy\AppData\Local\nss6911.tmp deleted
C:\Users\Andy\AppData\Local\avgchrome deleted
C:\Users\Andy\Downloads\iLividSetup-r20-n-bf.exe deleted
C:\Users\Andy\Downloads\rcpsetup2_dcomnew_util_728_dcomnew_util_728.exe deleted
C:\Users\Andy\Downloads\BearShareSetup-r0-n-bc-v12.exe deleted
C:\Users\Andy\Downloads\SoftonicDownloader_fuer_bearflix.exe deleted
C:\Users\Andy\Downloads\SoftonicDownloader_fuer_die-simpsons-der-film.exe deleted
C:\Users\Andy\AppData\LocalLow\bearsharemusicboxtoolbar181 deleted
C:\Users\Andy\AppData\LocalLow\buenosearch LTD deleted
C:\Windows\wininit.ini deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\bearsharemusicboxtoolbar181 deleted
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\jetpack deleted
C:\Users\Andy\AppData\Local\AnyProtectScannerSetup.exe deleted
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\extensions\SavingsBull@jetpack deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default
- Amazon-Icon - %ProfilePath%\extensions\amazon-icon@giga.de
- Ask New Tabs - %ProfilePath%\extensions\{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE}
- Amazon 1Button App for Firefox - %ProfilePath%\extensions\abb@amazon.com.xpi
- MySearchDial - %ProfilePath%\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Andy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Deleted Firefox Extensions ======================

C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi deleted

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[25.09.2013 05:05]

Docs - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
V-bates - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip

==== Chrome Fix ======================

C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... AW_deDE555"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Andy\AppData\Local\Mozilla\Firefox\Profiles\zm4q99h3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=252 folders=71 29745989 bytes)

==== Empty Temp Folders ======================

C:\Users\Andy\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Andy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 20.03.2014 at 9:06:42,85 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Andy (administrator) on ANDY-PC on 20-03-2014 09:19:26
Running from C:\Users\Andy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-22] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2013-09-28] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-06] (Microsoft Corporation)
HKU\S-1-5-21-2572004753-489833056-2062872051-1001\...\Run: [Facebook Update] - C:\Users\Andy\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-22] (Facebook Inc.)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [138048 2013-12-15] ()
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_deDE555
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Andy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\amazon-icon@giga.de [2014-02-03]
FF Extension: Ask New Tabs - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE} [2014-02-11]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\abb@amazon.com.xpi [2014-01-31]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Docs) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-28]
CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-28]
CHR Extension: (No Name) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-15]
CHR Extension: (DVDVideoSoft) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-09-28]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-28]

==================== Services (Whitelisted) =================

S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-11-12] (CyberLink Corp.)
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S1 ozeadgfy; \??\C:\Windows\system32\drivers\ozeadgfy.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 09:19 - 2014-03-20 09:19 - 00013051 _____ () C:\Users\Andy\Downloads\FRST.txt
2014-03-20 09:19 - 2014-03-20 09:19 - 00000000 ____D () C:\FRST
2014-03-20 09:18 - 2014-03-20 09:19 - 02157056 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2014-03-20 09:05 - 2014-03-20 08:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-20 08:53 - 2014-03-20 09:06 - 00012217 _____ () C:\zoek-results.log
2014-03-20 08:51 - 2014-03-20 09:04 - 00000000 ____D () C:\zoek_backup
2014-03-20 08:42 - 2014-03-20 08:42 - 01285120 _____ () C:\Users\Andy\Downloads\zoek.exe
2014-03-20 06:07 - 2014-03-20 09:06 - 00001652 _____ () C:\Windows\PFRO.log
2014-03-20 06:07 - 2014-03-20 09:06 - 00000168 _____ () C:\Windows\setupact.log
2014-03-20 06:07 - 2014-03-20 06:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-19 23:38 - 2014-03-19 23:59 - 00000000 ____D () C:\AdwCleaner
2014-03-19 23:37 - 2014-03-19 23:37 - 01950720 _____ () C:\Users\Andy\Downloads\adwcleaner.exe
2014-03-19 23:23 - 2014-03-19 23:23 - 00000000 ____D () C:\Windows\ERUNT
2014-03-19 23:22 - 2014-03-19 23:22 - 01037734 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
2014-03-19 15:57 - 2014-03-19 15:57 - 00000000 ____D () C:\rsit
2014-03-19 15:57 - 2014-03-19 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-03-19 15:55 - 2014-03-19 15:55 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64(1).exe
2014-03-19 15:51 - 2014-03-19 15:52 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-03-15 14:06 - 2014-03-15 14:06 - 00280204 _____ () C:\Users\Andy\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-15 13:58 - 2014-03-19 15:18 - 00000113 _____ () C:\Users\Andy\AppData\Roaming\WB.CFG
2014-03-15 13:44 - 2014-03-16 14:07 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-15 13:44 - 2014-03-16 13:47 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-15 13:44 - 2014-03-16 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-15 13:44 - 2014-03-15 14:03 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-03-15 13:43 - 2014-03-15 14:03 - 00000162 _____ () C:\Users\Andy\AppData\Roaming\aps.uninstall.scan.results
2014-03-15 13:42 - 2014-03-20 09:12 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job
2014-03-15 13:42 - 2014-03-15 13:42 - 00003248 _____ () C:\Windows\System32\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}
2014-03-15 13:30 - 2014-03-15 13:30 - 00000000 ____D () C:\Users\Andy\AppData\Local\Tuguu_SL
2014-03-15 13:26 - 2014-03-20 00:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-15 13:24 - 2014-03-15 13:24 - 00391080 _____ () C:\Users\Andy\Downloads\Setup.exe
2014-03-15 13:24 - 2014-03-15 13:24 - 00000000 ____D () C:\Users\Andy\AppData\Local\Applications
2014-03-15 13:24 - 2014-03-15 13:24 - 00000000 ____D () C:\ProgramData\Applications
2014-03-15 13:23 - 2014-03-15 13:23 - 06790816 _____ (Microsoft Corporation) C:\Users\Andy\Downloads\WindowsPhone.exe
2014-03-14 15:41 - 2014-03-14 15:44 - 105664248 _____ (Microsoft Corporation) C:\Users\Andy\Downloads\ZuneSetupPkg.exe
2014-03-13 17:18 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 17:18 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 17:18 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 17:18 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 17:18 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 17:18 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 17:18 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 17:18 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 17:18 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 17:18 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 17:18 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 17:18 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 17:18 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 17:18 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 17:18 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 17:18 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 17:18 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 17:18 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 17:18 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 17:18 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 17:18 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 17:18 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 17:18 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 17:18 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 17:18 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 17:18 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 17:18 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 17:18 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 17:18 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 17:18 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 17:18 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 17:18 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 17:18 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 17:18 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 17:18 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 17:18 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 17:18 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 17:18 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 17:18 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 17:18 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 17:18 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 17:18 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 17:18 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 17:18 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 17:16 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 17:16 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 17:16 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 17:16 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 18:31 - 2014-03-10 18:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-03-10 18:31 - 2014-03-10 18:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-03-01 16:43 - 2014-03-01 16:43 - 00392800 _____ () C:\Users\Andy\Downloads\Player.exe
2014-02-26 14:02 - 2014-02-28 07:19 - 01593704 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 20:59 - 2014-02-22 20:59 - 00374272 _____ () C:\Users\Andy\Downloads\Java.exe
2014-02-20 18:38 - 2014-02-20 18:38 - 00000000 ____H () C:\Users\Andy\Documents\Default.rdp

==================== One Month Modified Files and Folders =======

2014-03-20 09:19 - 2014-03-20 09:19 - 00013051 _____ () C:\Users\Andy\Downloads\FRST.txt
2014-03-20 09:19 - 2014-03-20 09:19 - 00000000 ____D () C:\FRST
2014-03-20 09:19 - 2014-03-20 09:18 - 02157056 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2014-03-20 09:13 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 09:13 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 09:12 - 2014-03-15 13:42 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job
2014-03-20 09:12 - 2013-09-28 02:06 - 02045419 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 09:06 - 2014-03-20 08:53 - 00012217 _____ () C:\zoek-results.log
2014-03-20 09:06 - 2014-03-20 06:07 - 00001652 _____ () C:\Windows\PFRO.log
2014-03-20 09:06 - 2014-03-20 06:07 - 00000168 _____ () C:\Windows\setupact.log
2014-03-20 09:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-20 09:04 - 2014-03-20 08:51 - 00000000 ____D () C:\zoek_backup
2014-03-20 09:02 - 2013-09-28 02:11 - 00000000 ____D () C:\Users\Andy
2014-03-20 08:51 - 2014-03-20 09:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-20 08:46 - 2013-09-28 02:37 - 00000000 ____D () C:\ProgramData\Avira
2014-03-20 08:42 - 2014-03-20 08:42 - 01285120 _____ () C:\Users\Andy\Downloads\zoek.exe
2014-03-20 08:35 - 2013-11-22 22:14 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2572004753-489833056-2062872051-1001UA.job
2014-03-20 08:35 - 2013-09-28 02:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 06:07 - 2014-03-20 06:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-20 00:32 - 2013-11-26 13:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 00:31 - 2013-11-26 13:14 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 00:21 - 2009-11-05 01:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-20 00:16 - 2014-03-15 13:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-20 00:15 - 2009-11-05 04:32 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-03-20 00:14 - 2013-11-25 22:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-19 23:59 - 2014-03-19 23:38 - 00000000 ____D () C:\AdwCleaner
2014-03-19 23:41 - 2013-09-28 02:12 - 00000997 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-19 23:41 - 2013-09-28 02:12 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-19 23:37 - 2014-03-19 23:37 - 01950720 _____ () C:\Users\Andy\Downloads\adwcleaner.exe
2014-03-19 23:23 - 2014-03-19 23:23 - 00000000 ____D () C:\Windows\ERUNT
2014-03-19 23:22 - 2014-03-19 23:22 - 01037734 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
2014-03-19 23:11 - 2013-11-22 22:14 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2572004753-489833056-2062872051-1001Core.job
2014-03-19 15:57 - 2014-03-19 15:57 - 00000000 ____D () C:\rsit
2014-03-19 15:57 - 2014-03-19 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-03-19 15:55 - 2014-03-19 15:55 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64(1).exe
2014-03-19 15:52 - 2014-03-19 15:51 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-03-19 15:19 - 2013-09-28 02:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 15:19 - 2013-09-28 02:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 15:19 - 2013-09-28 02:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 15:18 - 2014-03-15 13:58 - 00000113 _____ () C:\Users\Andy\AppData\Roaming\WB.CFG
2014-03-16 14:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-16 14:07 - 2014-03-15 13:44 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 13:47 - 2014-03-15 13:44 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-16 13:47 - 2014-03-15 13:44 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-15 14:06 - 2014-03-15 14:06 - 00280204 _____ () C:\Users\Andy\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-15 14:03 - 2014-03-15 13:44 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-03-15 14:03 - 2014-03-15 13:44 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-03-15 14:03 - 2014-03-15 13:44 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-03-15 14:03 - 2014-03-15 13:43 - 00000162 _____ () C:\Users\Andy\AppData\Roaming\aps.uninstall.scan.results
2014-03-15 13:42 - 2014-03-15 13:42 - 00003248 _____ () C:\Windows\System32\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}
2014-03-15 13:30 - 2014-03-15 13:30 - 00000000 ____D () C:\Users\Andy\AppData\Local\Tuguu_SL
2014-03-15 13:26 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-15 13:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-15 13:24 - 2014-03-15 13:24 - 00391080 _____ () C:\Users\Andy\Downloads\Setup.exe
2014-03-15 13:24 - 2014-03-15 13:24 - 00000000 ____D () C:\Users\Andy\AppData\Local\Applications
2014-03-15 13:24 - 2014-03-15 13:24 - 00000000 ____D () C:\ProgramData\Applications
2014-03-15 13:23 - 2014-03-15 13:23 - 06790816 _____ (Microsoft Corporation) C:\Users\Andy\Downloads\WindowsPhone.exe
2014-03-14 15:44 - 2014-03-14 15:41 - 105664248 _____ (Microsoft Corporation) C:\Users\Andy\Downloads\ZuneSetupPkg.exe
2014-03-14 08:20 - 2009-07-14 05:45 - 00343008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 08:18 - 2013-10-01 22:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 08:18 - 2013-10-01 22:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 11:06 - 2013-09-28 11:57 - 00699552 _____ () C:\Windows\system32\perfh007.dat
2014-03-13 11:06 - 2013-09-28 11:57 - 00149660 _____ () C:\Windows\system32\perfc007.dat
2014-03-13 11:06 - 2009-07-14 06:13 - 01620152 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-10 18:31 - 2014-03-10 18:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-03-10 18:31 - 2014-03-10 18:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-03-01 16:43 - 2014-03-01 16:43 - 00392800 _____ () C:\Users\Andy\Downloads\Player.exe
2014-03-01 07:05 - 2014-03-13 17:18 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 17:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 17:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 17:18 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 17:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 17:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 17:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 17:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 17:18 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 17:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 17:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 17:18 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 17:18 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 17:18 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 17:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 17:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 17:18 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 17:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 17:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 17:18 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 17:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 17:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 17:18 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 17:18 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 17:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 17:18 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 17:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 17:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 17:18 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 17:18 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 17:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 17:18 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 17:18 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 17:18 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 17:18 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 17:18 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 17:18 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 07:19 - 2014-02-26 14:02 - 01593704 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 20:59 - 2014-02-22 20:59 - 00374272 _____ () C:\Users\Andy\Downloads\Java.exe
2014-02-21 21:28 - 2013-09-28 02:49 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-21 21:28 - 2013-09-28 02:26 - 00000000 ____D () C:\Users\Public\OEM
2014-02-21 21:28 - 2009-11-05 01:26 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-21 21:28 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-21 21:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-21 21:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-20 18:38 - 2014-02-20 18:38 - 00000000 ____H () C:\Users\Andy\Documents\Default.rdp
2014-02-20 16:53 - 2009-07-27 21:41 - 00000000 ____D () C:\Windows\Panther

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-12 18:05

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
  HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-06] (Microsoft Corporation)
  HKU\S-1-5-21-2572004753-489833056-2062872051-1001\...\Run: [Facebook Update] - C:\Users\Andy\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-22] (Facebook Inc.)
  AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
  AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [138048 2013-12-15] ()
  IFEO\bpsvc.exe: [Debugger] tasklist.exe
  IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
  IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
  IFEO\protectedsearch.exe: [Debugger] tasklist.exe
  IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
  IFEO\searchprotection.exe: [Debugger] tasklist.exe
  IFEO\searchprotector.exe: [Debugger] tasklist.exe
  IFEO\snapdo.exe: [Debugger] tasklist.exe
  IFEO\stinst32.exe: [Debugger] tasklist.exe
  IFEO\stinst64.exe: [Debugger] tasklist.exe
  IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15
  StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
  SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
  SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE555
  SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
  
  FF SearchPlugin: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\amazon.xml
  FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
  FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
  FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
  FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
  FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
  FF Extension: Amazon-Icon - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\amazon-icon@giga.de [2014-02-03]
  FF Extension: Ask New Tabs - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE} [2014-02-11]
  FF Extension: Amazon 1Button App for Firefox - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\abb@amazon.com.xpi [2014-01-31]
  
  Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
  CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-28]
  
  S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
  S1 ozeadgfy; \??\C:\Windows\system32\drivers\ozeadgfy.sys [X]
  
  C:\Windows\system32\drivers\ozeadgfy.sys
  2014-03-20 09:05 - 2014-03-20 08:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-03-20 08:53 - 2014-03-20 09:06 - 00012217 _____ () C:\zoek-results.log
  2014-03-20 08:51 - 2014-03-20 09:04 - 00000000 ____D () C:\zoek_backup
  2014-03-20 08:42 - 2014-03-20 08:42 - 01285120 _____ () C:\Users\Andy\Downloads\zoek.exe
  2014-03-20 06:07 - 2014-03-20 09:06 - 00001652 _____ () C:\Windows\PFRO.log
  2014-03-20 06:07 - 2014-03-20 09:06 - 00000168 _____ () C:\Windows\setupact.log
  2014-03-20 06:07 - 2014-03-20 06:07 - 00000000 _____ () C:\Windows\setuperr.log
  2014-03-19 23:37 - 2014-03-19 23:37 - 01950720 _____ () C:\Users\Andy\Downloads\adwcleaner.exe
  2014-03-19 23:22 - 2014-03-19 23:22 - 01037734 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
  2014-03-19 15:55 - 2014-03-19 15:55 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64(1).exe
  2014-03-19 15:51 - 2014-03-19 15:52 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64.exe
  2014-03-15 13:44 - 2014-03-16 14:07 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
  2014-03-15 13:44 - 2014-03-16 13:47 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
  2014-03-15 13:44 - 2014-03-16 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
  2014-03-15 13:44 - 2014-03-15 14:03 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
  2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
  2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
  2014-03-15 13:43 - 2014-03-15 14:03 - 00000162 _____ () C:\Users\Andy\AppData\Roaming\aps.uninstall.scan.results
  2014-03-15 13:42 - 2014-03-20 09:12 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job
  2014-03-15 13:42 - 2014-03-15 13:42 - 00003248 _____ () C:\Windows\System32\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

nevim,jestli to je ten spravny.nic se neobjevilo

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Andy at 2014-03-20 09:53:12 Run:1
Running from C:\Users\Andy\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-06] (Microsoft Corporation)
HKU\S-1-5-21-2572004753-489833056-2062872051-1001\...\Run: [Facebook Update] - C:\Users\Andy\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-22] (Facebook Inc.)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [138048 2013-12-15] ()
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.de/gp/bit/amazonserp/ ... sp_adppi15
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_deDE555
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)

FF SearchPlugin: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\amazon-icon@giga.de [2014-02-03]
FF Extension: Ask New Tabs - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE} [2014-02-11]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\abb@amazon.com.xpi [2014-01-31]

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-28]

S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S1 ozeadgfy; \??\C:\Windows\system32\drivers\ozeadgfy.sys [X]

C:\Windows\system32\drivers\ozeadgfy.sys
2014-03-20 09:05 - 2014-03-20 08:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-20 08:53 - 2014-03-20 09:06 - 00012217 _____ () C:\zoek-results.log
2014-03-20 08:51 - 2014-03-20 09:04 - 00000000 ____D () C:\zoek_backup
2014-03-20 08:42 - 2014-03-20 08:42 - 01285120 _____ () C:\Users\Andy\Downloads\zoek.exe
2014-03-20 06:07 - 2014-03-20 09:06 - 00001652 _____ () C:\Windows\PFRO.log
2014-03-20 06:07 - 2014-03-20 09:06 - 00000168 _____ () C:\Windows\setupact.log
2014-03-20 06:07 - 2014-03-20 06:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-19 23:37 - 2014-03-19 23:37 - 01950720 _____ () C:\Users\Andy\Downloads\adwcleaner.exe
2014-03-19 23:22 - 2014-03-19 23:22 - 01037734 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
2014-03-19 15:55 - 2014-03-19 15:55 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64(1).exe
2014-03-19 15:51 - 2014-03-19 15:52 - 00935175 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2014-03-15 13:44 - 2014-03-16 14:07 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-15 13:44 - 2014-03-16 13:47 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-15 13:44 - 2014-03-16 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-15 13:44 - 2014-03-15 14:03 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-03-15 13:44 - 2014-03-15 14:03 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-03-15 13:43 - 2014-03-15 14:03 - 00000162 _____ () C:\Users\Andy\AppData\Roaming\aps.uninstall.scan.results
2014-03-15 13:42 - 2014-03-20 09:12 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job
2014-03-15 13:42 - 2014-03-15 13:42 - 00003248 _____ () C:\Windows\System32\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PlayMovie => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview => Value deleted successfully.
HKU\S-1-5-21-2572004753-489833056-2062872051-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
"C:\\PROGRA~2\\Amazon\\AMAZON~1\\AMAZON~2.DLL" => Value Data removed successfully.
"C:\\PROGRA~2\\Amazon\\AMAZON~1\\\\AMAZON~3.DLL" => Value Data removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
HKCR\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\searchplugins\amazon.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml => Moved successfully.
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\amazon-icon@giga.de => Moved successfully.
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\{09C79CB0-9AB0-B179-4F3E-DDB93CE109BE} => Moved successfully.
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\zm4q99h3.default\Extensions\abb@amazon.com.xpi => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp => Key deleted successfully.
C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx => Moved successfully.
k57nd60a => Service deleted successfully.
ozeadgfy => Service deleted successfully.
"C:\Windows\system32\drivers\ozeadgfy.sys" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Andy\Downloads\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Andy\Downloads\adwcleaner.exe => Moved successfully.
C:\Users\Andy\Downloads\JRT.exe => Moved successfully.
C:\Users\Andy\Downloads\RSITx64(1).exe => Moved successfully.
C:\Users\Andy\Downloads\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
C:\Users\Andy\AppData\Roaming\aps.uninstall.scan.results => Moved successfully.
C:\Windows\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B}.job => Moved successfully.
C:\Windows\System32\Tasks\FF Watcher {C1AB1921-6FCD-44EA-A07A-C043A1F6D83B} => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====

Je to OK, jak se chova PC??

ZdravimNemel jsem ted moznost par dni mluvit s kamosem.Ale dneska rikal ze je ro lepsi ale stale vyskakujou okna.Podle me je to proto,ze le ze furt na ty pornostranky a tam se nakazi.No jo mladej skopcak Protoze kdyz jsem tam byl a vycistili nsme to tak to bylo fakt ok.Nevim jestli to ma cenu s tim pokracovat